<?php
if ($_POST) {
    include_once("../../Functions/connectDatabase.php");
    get_connection();
    if ($_SERVER["REQUEST_METHOD"] == "POST") {
        if (empty($_POST["content"])) {
            echo "<script>alert('评论内容不能为空！');
            window.location.href = document.referrer;
        </script>";
        } else {
            $content = $_POST["content"];
            $news = $_POST["id"];
            $user = "admin";       //测试用，后续根据session写入发布用户
            $time = date("Y-m-d H:i:s");
            $state = "未审核";
                $sql = "INSERT INTO review values
            (null,'$news','$user','$content','$time','$state',null)";
                if (mysqli_query($conn, $sql)) {
                    echo "<script>alert('发表成功！');window.location.href = document.referrer;</script>";
                } else {
                    $error = mysqli_error($conn);
                    $error = str_replace('\'', '', $error);
                    echo "<script>alert('发表失败！$error');window.location.href = document.referrer;</script>";
                }
            } 
        }
    }
    close_connection();
?>
